<?php
    session_start();
    include "conexion_bd.php";
    $mysqli->set_charset("utf8");
    
    $user = $_POST['user'];
    $pass = $_POST['pass'];
    
    $r = $mysqli->query("SELECT nombre_usuario,perfil,ci,escribir,reescribir,borrar FROM cuenta_sistema WHERE nombre_usuario = '$user' AND contraseña = '$pass';");

    if(mysqli_num_rows($r))
    {
        while ($fila = $r->fetch_assoc())
        {
            $_SESSION['user'] = $fila['nombre_usuario'];
            $_SESSION['perfil'] = $fila['perfil'];
            $ci=$fila['ci'];
            $_SESSION['ci']= $fila['ci'];
            $_SESSION['escribir'] = $fila['escribir'];
            $_SESSION['reescribir'] = $fila['reescribir'];
            $_SESSION['borrar'] = $fila['borrar'];
        }
        $r2 = $mysqli->query("SELECT primer_nombre FROM persona WHERE ci = '$ci';");
        while ($fila2 = $r2->fetch_assoc()){$_SESSION['nombre'] = $fila2['primer_nombre'];}
        unset($_SESSION['error']);
        header ("location: main.php");
    }
    else 
    {   
        $_SESSION['error'] = 1;
        header ("location: index.php");
    }
?>

